Cyber Security

Is Cybersecurity Boring?


I work in cyber security as a cyber security architect, and the security teams for which I work have a variety of responsibilities. When I originally started looking for entry level employment, my aim was to figure out which ones were the most fascinating.

Lower-level cyber security professions are, on the whole, quite uninteresting because they are tedious and repetitive. The same actions, such as running through checklists, examining security and incident logs, checking dashboards for alerts, and creating tickets from a central security email address in an incident management application, are repeated as part of daily activities.

Employees in cyber security may become demotivated as a result of the monotony of their duties, which can also cause a lot of stress. Many of these positions have a high employee turnover rate because workers feel discouraged by the repetition and resign.

One of my close friends used to work in a low-level, dull position in cyber security, where they worked in shifts, either the early or late shift. They had to complete a checklist for each shift, with the morning shift needing them to complete it first thing in the morning and the late shift wanting them to complete it near the conclusion of their shift.

They told me that going through the checklist, checking several dashboards, logs, and a variety of other tedious activities may take up to two hours. When they were checking, they said they felt like a robot because they were in automatic mode, as if they were running a computer programme in their heads to check this and then check that.

They’d have to check the centralised email address for the entire cyber security team, where any incident-related emails would arrive, once the checklists were completed. They’d have to go through each of these emails and add the ones that are important to the incident management application. So, let’s imagine you received an email from another employee who worked in accounts, and the email read something like,

“I accidentally sent some of our customer information to the wrong customer”

My friend would have to enter the details of the employee who sent the email, the time of the occurrence, the incident details, and so on into the incident management application. Then they’d have to figure out who should be in charge of this incident; in the case above, the data privacy team may have been in charge. Each occurrence would be assigned a priority ranking based on my friend’s assessment of its seriousness.

They stated that privacy-related matters would be given a three-star priority, but that if the situation appeared to be significant, my buddy would contact a data privacy team contact mentioned on the website. This might be an emergency out-of-hours number if they had to call them outside of work hours, such as at the start of the early shift or at the end of the late shift.

They didn’t stay in this work for long, and instead used their ability to swiftly pick up new skills and information to advance to a new position, increasing their involvement in incident management-related roles, such as incident management planning.

One of my friend’s pet peeves about their tedious job was the lack of social connection, since they spent a big portion of their shift alone, with no interaction with other employees. Any job can become monotonous due to a lack of social connection, and some lower level cyber security occupations are no exception.

Is Cybersecurity a Stressful Job?

Cyber security can be a demanding job, especially if it involves incident management, because a significant occurrence can require all hands on deck and the completion of tasks under time constraints. As a result, additional hours are required to ensure that the issue is confined.

I had a simple 9-to-5 job at one of the organisations where I worked, except for one day when there was an incident. Initially, it appeared that the firm had been the victim of a successful cyber attack, necessitating the start of a complete incident management process.

I had to become involved since it appeared that an attacker had managed to penetrate one of the security safeguards on the project I was working on. Worse, the incident management process began just as I was about to log off for the day, so I had no choice but to stay at work and assist the incident manager and the incident management team.

This was a first for me; I’d never been in an accident before, so my curiosity got the best of me. However, some of the other callers, particularly those on the incident management team, had to work in these conditions on a regular basis. That is, the unknown, where an event could occur at any time, and they needed to be prepared and on top of their game in order to manage the problem as swiftly as possible.

This meant that their 9 to 5 job could evolve into a 9 to midnight job, or, in the worst-case scenario, an all-nighter. The team had to pass the baton of being “on-call” to each other. This means they could be soundly sleeping at home when the phone rings to inform them of a potential serious incident.

Once the incident management process was started, the incident manager would ask the team a lot of questions in order to figure out what investigations and activities they would need to do. To ensure that the impact of any catastrophe is minimised, all of this would have to be done swiftly and precisely.

For example, suppose one of the cloud storage services, such as Amazon’s Simple Storage Service (S3) bucket, was misconfigured and detected by one of the security programmes. The following items would need to be considered as part of the incident management process:

  • when this was discovered,
  • when the misconfiguration occurred,
  • what information is stored in the S3 bucket,
  • who’s accessed the information,
  • what could potentially be the impact of unauthorized access,
  • how can the misconfiguration be fixed, and a damage limitation exercise started.

There are numerous investigations and tasks to be completed, and if the information stored in this S3 bucket was of high value, such as credit card information, organisational secrets, or customer information, senior executives may be required to participate.
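The first questions on that list (when the misconfiguration occurred, how long it went undetected, and who accessed what) can be answered from audit records. The following is an added example, not part of the original article; the record shape, bucket name and account ID are constructed assumptions, not a real AWS log schema.

```python
from datetime import datetime

# Constructed, simplified audit records. The field names and record shape are
# assumptions for this example, not a real AWS log schema.
ORG_ACCOUNT = "111111111111"   # placeholder for the organisation's own account
BUCKET = "example-reports"     # hypothetical bucket name
PUBLIC_GRANTS = {"public-read", "public-read-write"}

EVENTS = [
    {"time": "2024-03-01T09:00:00Z", "action": "PutBucketAcl", "bucket": BUCKET,
     "actor": ORG_ACCOUNT, "grant": "private"},
    {"time": "2024-03-02T11:30:00Z", "action": "GetObject", "bucket": BUCKET,
     "actor": ORG_ACCOUNT, "key": "customers.csv"},
    {"time": "2024-03-04T16:20:00Z", "action": "PutBucketAcl", "bucket": BUCKET,
     "actor": ORG_ACCOUNT, "grant": "public-read"},
    {"time": "2024-03-04T18:05:00Z", "action": "GetObject", "bucket": BUCKET,
     "actor": "anonymous", "key": "customers.csv"},
    {"time": "2024-03-05T02:11:00Z", "action": "GetObject", "bucket": BUCKET,
     "actor": ORG_ACCOUNT, "key": "customers.csv"},
    {"time": "2024-03-05T07:45:00Z", "action": "GetObject", "bucket": BUCKET,
     "actor": "anonymous", "key": "q1-summary.pdf"},
    {"time": "2024-03-06T10:30:00Z", "action": "PutBucketAcl", "bucket": BUCKET,
     "actor": ORG_ACCOUNT, "grant": "private"},
]


def parse_ts(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")


def exposure_windows(events, bucket):
    """Return [(start, end_or_None)] periods during which the bucket was public."""
    windows, opened = [], None
    for ev in sorted(events, key=lambda e: parse_ts(e["time"])):
        if ev["bucket"] != bucket or ev["action"] != "PutBucketAcl":
            continue
        is_public = ev["grant"] in PUBLIC_GRANTS
        if is_public and opened is None:
            opened = parse_ts(ev["time"])          # misconfiguration introduced
        elif not is_public and opened is not None:
            windows.append((opened, parse_ts(ev["time"])))  # misconfiguration fixed
            opened = None
    if opened is not None:
        windows.append((opened, None))             # still exposed, no fix recorded
    return windows


def triage(events, bucket, org_account, detected_at):
    """Answer the incident manager's first questions from the audit records."""
    windows = exposure_windows(events, bucket)
    detected = parse_ts(detected_at)
    external_reads = []
    for ev in events:
        if ev["bucket"] != bucket or ev["action"] != "GetObject":
            continue
        if ev["actor"] == org_account:
            continue                               # the organisation's own access
        when = parse_ts(ev["time"])
        if any(start <= when and (end is None or when < end)
               for start, end in windows):
            external_reads.append((ev["time"], ev["actor"], ev["key"]))
    first_exposed = windows[0][0] if windows else None
    hours = None
    if first_exposed is not None:
        hours = (detected - first_exposed).total_seconds() / 3600
    return {
        "windows": windows,                        # when it occurred / was fixed
        "first_exposed": first_exposed,
        "hours_to_detect": hours,                  # occurrence to discovery
        "external_reads": sorted(external_reads),  # who accessed the information
        "objects_read_externally": sorted({key for _, _, key in external_reads}),
    }


if __name__ == "__main__":
    report = triage(EVENTS, BUCKET, ORG_ACCOUNT, "2024-03-06T08:20:00Z")
    for name, value in report.items():
        print(name, "=", value)
```

The list of objects read externally is what decides the impact question: it is the input for judging whether high-value data was exposed and whether senior executives need to be involved.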

For me, not knowing how my working day would go, as I could wind up working longer hours than I intended throughout the day, being called late at night, having my sleep disrupted, and overall not being able to get into a routine would cause a lot of stress, as it does for many other people. This is why I steered clear of occupations like these.

My positions as a cyber security architect have not been stressful, and they will continue to be so in the future, since I serve as an advisor and work strictly a 9 to 5 schedule. If I have to commute, I sometimes work from 8 to 4 to avoid the stress of commuting during rush hour. My position is not unique; there are numerous professions in cyber security that are similar to mine, ranging from analysis to engineering to risk management.

I always advise anyone new to cyber security to treat jobs like incident management as temporary as much as possible, especially if they are unpleasant, and to utilise them as a stepping stone to less stressful employment.

Is it Worth Going into Cybersecurity?

Overall, pursuing a career in cyber security is well worth the effort, as the pay is higher than that of other IT occupations. Both monetary and contractual rewards are available for executing the assignments, with many of them being quite intriguing.

When compared to other jobs in the information technology field, cyber security positions pay well. Friends of mine who have switched from other types of information technology professions have experienced a significant rise in their pay, sometimes as much as 50%.

For me, the social components of my cyber security profession, where I interact with many teams within a company as a cyber security architect, are appealing. This is really fulfilling to me because it allows me to form friendships and, more importantly, it allows me to demonstrate to my coworkers that I am available to assist them.

I’m not there to put up roadblocks and prevent people from doing their duties by enforcing excessive security measures. Instead, I’m there to talk about how we can both work together to satisfy the organization’s and security’s needs.

I also appreciate the fact that many cyber security responsibilities confer authority, particularly in organisations that regard security as a “first-class citizen.” Thankfully, none of this has gone to my head.

I enjoy working in a leadership position, but my credo remains the same: help others in the same organisation understand and respect the importance of cyber security. Our employer and we must ensure that they are safe from cyber dangers and attacks because they are the “hand that feeds.”

Does Cybersecurity Require Coding?

In comparison to specific specialised areas in cyber security where coding is vital, there are many more jobs in cyber security that do not require any coding expertise or experience. People who work in jobs that do not require coding knowledge are more focused and active in the architectural, design, planning, construction, and support of an organization’s cyber security activities.

People frequently mistakenly believe that having coding experience is a must for obtaining a job in cyber security when, in fact, the majority of positions do not require any coding experience or knowledge. As a result, these individuals may get interested in studying coding languages, particularly Python, as they regard it as a fast pathway to cyber security.

Unfortunately, this isn’t the case, since true cyber security expertise and knowledge are valued more, and coding skills are considered a ‘nice to have’ capability in most cyber security employment.

I haven’t done any coding in any of the cyber security roles I’ve had. Other than being able to use the web programming language PHP for some of the websites I develop for non-work related activities, I have no coding skills. My lack of coding skills hasn’t stopped me from working in cyber security.

In all of the cyber security tasks I’ve worked on, I’ve advised coders on how to code safely. I’ve worked with hackers who programme in Java, .NET, Python, as well as front end JavaScript based frameworks like Vue, React, and Angular, and I know nothing about coding in these languages.

I do know, however, that they must code securely by not including passwords in their code or performing database queries that can be readily hacked. I don’t need to know anything about coding, classes, or object-oriented programming; this is all I need to know.

When I worked for one company, there was a significant cyber security team of over 80 individuals, which included:

Only approximately 15 of the 80 or so members on the security team utilised code on a regular basis, according to my estimation. That’s less than a quarter of a percent. In their jobs, Security Testers and some SOC analysts use a lot of coding expertise, because security testers, like penetration testers, need to understand code in order to execute their security tests against it.

While some SOC Analysts, particularly those involved in Red Team and Blue Team activities, would need to be able to code, the Red Teams were responsible for Ethical Hacking and could include individuals who would need to manipulate code or create threat and vulnerability code in order for the Blue Team to find this vulnerability.

Security Engineers would need certain coding abilities depending on their job responsibilities. For example, if they were developing scripts on Linux or Unix (bash scripts) or even Windows (PowerShell), they would need to know how to code. But only if these entailed security tools, in which case the tool vendor would most likely come in and assist with the installation of the security product, as well as any scripting requirements.

After the vendor had generated the accompanying scripts, the security engineers would most likely package the installation and configuration of the security solution using templates like Azure ARM Templates or AWS CloudFormation, or even a templating language like Terraform. I’d be hesitant to declare that the security engineers in this case were 100% coders, because templating languages are much easier to learn than coding languages like Python. These templating languages are far more declarative than logical, and I’ve done some basic Terraform template construction and find it much easier than PHP writing.

More crucially, the projects’ DevOps engineers would be in charge of a lot of the cyber security work I recommend to them. Because the DevOps team knows how to code, if I wanted them to instal security software, they’d have to write scripts in Python to automate the process if templating wasn’t used.

So, while it’s reasonable to presume DevOps engineers need to know how to code, I, as a cyber security professional, would need to know nothing about coding, despite the fact that coding is involved in what I’ve suggested.

The DevOps engineers were not on the cyber security team; instead, they were on the project team, which meant that their coding skills and experience were irrelevant for a job in cyber security because they didn’t work in cyber security.

Python Skills

I recall being on a team with five other cyber security architects at one company, and one of my coworkers was teaching several interns who were doing work experience as part of their university degree programme. He had taught them some basic Python so that they could run reports and extract data from files and quickly import it into Microsoft Excel spreadsheets, from which they could build reports.

My coworker had a deep understanding of Python and could code to a very high level; in fact, I’m confident that if they chose to work as a developer, they would be able to do so with ease. My coworker, on the other hand, used to complain that we didn’t get any opportunities to utilise Python outside of what he was doing with the interns because it wasn’t required for our day-to-day employment.

Some of the security engineering jobs may be appropriate for you if you enjoy coding and want to work in cyber security in a coding-related career. Penetration testing, ethical hacking, and working in red and blue teams are all security testing occupations that may be more relevant.

Do You Have to be Smart to be in Cybersecurity?

Most cyber security occupations do not require a high level of intelligence, as most jobs include applying cyber security concepts, standards, and best practises to projects and situations. These cyber security concepts and standards can be simply deployed across any firm once they’ve been grasped.

I’m averagely intelligent and wouldn’t consider myself particularly bright, but I have no trouble finding positions in cyber security. Simply because I understand what cyber security is, what the most common threats and assaults are, and how the principles, standards, and best practises for security may be applied.

Over time, I’ve acquired a mindset for thinking like a hacker, which has helped me comprehend the precautions that must be implemented to combat these types of hackers.

While there are numerous careers that do not demand a high level of intelligence, there are other jobs in cyber security that do. There are occupations that need advanced coding, analysis, and threat assessments. These cyber security positions tend to attract only the brightest candidates, yet they make up a small part of a company’s overall cyber security staff.

I don’t have a college diploma; I only have a high school diploma, but I’m regularly approached by companies who want me to work for them. The reason for this is that I have extensive experience in cyber security, which I have created using cyber security concepts and standards.

In my daily work, I apply several of the following principles:

  • Authentication
  • Authorization
  • Accounting (Auditing)
  • Confidentiality
  • Integrity
  • Availability
  • Principle of Least Privilege
  • Separation of duties

These ideas are simple enough for me to apply to any cyber security project I’m working on. So, based on the first principle, authentication, I’ll see if the project’s deliverables include authentication. This might be a website or a web application that requires customers to log in. Customers must have a username and a valid password to login, and authentication provides a means to show they are who they say they are.

When it comes to authorisation, the principles would entail ensuring that consumers may only see information that is relevant to them when they log in, as long as they are authorised to see it. Customers will not be able to read information about other customers because they have not been given permission to do so. If they can see information about other customers, it’s a red flag for me that the authorisation isn’t working properly, or worse, that no authorization exists.

All contacts with the website and any other services by consumers, workers, third parties, and contractors are tracked under the Accounting principle. As a result, every time they try to log in, a security event is recorded in a file called a log, which includes the logging user’s username, as well as the time and date. If the login fails due to an error, such as entering the wrong password, the error is also recorded.

Logging is vital because it keeps track of security-related events, which can be evaluated for suspicious trends, such as logging in from unusual places, such as outside the country where the user usually logs in. This could signal that the user account has been compromised, and by responding swiftly and suspending or disabling the account, potential cyber threats can be avoided.
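The check described above, as an added example that is not part of the original article: it reads login events, learns each user's usual countries, and flags a successful login from a country not seen before. The log format, usernames and thresholds are constructed assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption for this example.
LOG = """\
2024-05-01T08:02:11Z login user=alice result=success country=GB
2024-05-01T08:15:40Z login user=bob result=success country=US
2024-05-01T09:30:00Z login user=carol result=success country=DE
2024-05-02T08:05:03Z login user=alice result=success country=GB
2024-05-02T08:20:19Z login user=bob result=success country=US
2024-05-03T07:58:47Z login user=alice result=success country=GB
2024-05-03T08:11:02Z login user=bob result=failure country=US
2024-05-03T08:11:30Z login user=bob result=success country=US
2024-05-04T03:10:05Z login user=alice result=failure country=RO
2024-05-04T03:10:41Z login user=alice result=failure country=RO
2024-05-04T03:11:17Z login user=alice result=failure country=RO
2024-05-04T03:12:02Z login user=alice result=success country=RO
2024-05-04T08:01:55Z login user=alice result=success country=GB
2024-05-04T10:00:00Z login user=carol result=success country=FR
2024-05-05T14:22:09Z login user=bob result=success country=CA
corrupted line without fields
"""

LINE = re.compile(
    r"^(?P<ts>\S+) login user=(?P<user>\S+) "
    r"result=(?P<result>success|failure) country=(?P<country>[A-Z]{2})$"
)


def parse(log_text):
    """Parse log lines into event dicts, skipping lines that do not match."""
    events = []
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
            "user": m["user"],
            "result": m["result"],
            "country": m["country"],
        })
    return sorted(events, key=lambda e: e["ts"])


def detect(events, min_history=3, failure_window=timedelta(minutes=10)):
    """Flag successful logins from a country the user has not logged in from before."""
    history = defaultdict(Counter)   # user -> countries of earlier good logins
    failures = defaultdict(list)     # user -> timestamps of failed logins
    alerts = []
    for ev in events:
        user = ev["user"]
        if ev["result"] == "failure":
            failures[user].append(ev["ts"])
            continue
        seen = history[user]
        # Only judge users with enough history to know what "usual" means.
        if sum(seen.values()) >= min_history and ev["country"] not in seen:
            recent = [t for t in failures[user]
                      if ev["ts"] - failure_window <= t <= ev["ts"]]
            alerts.append({
                "user": user,
                "ts": ev["ts"],
                "country": ev["country"],
                "usual": seen.most_common(1)[0][0],
                "failures_before": len(recent),
                # Failed attempts just before the login suggest password guessing.
                "severity": "high" if len(recent) >= 3 else "medium",
            })
            continue  # do not let an unconfirmed login become part of the baseline
        seen[ev["country"]] += 1
    return alerts


def accounts_to_suspend(alerts):
    """Accounts whose alerts are severe enough to suspend pending review."""
    return sorted({a["user"] for a in alerts if a["severity"] == "high"})


if __name__ == "__main__":
    for alert in detect(parse(LOG)):
        print(alert)
```

A flagged login is deliberately kept out of the user's baseline, so a second login from the same unusual country is flagged again until someone confirms it was legitimate.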

Confidentiality principles are critical in securing an organization’s information by ensuring that only those who are authorised to see it have access to it, as well as ensuring that the information is protected if it is stolen. In most cases, this can be accomplished by ensuring that the data component of information is encrypted during storage and transfer via encrypted channels.

Integrity standards are crucial to ensure that information isn’t tampered with or manipulated, such as when a report on a company’s profit that shows a significant loss is changed to indicate enormous profits. The report’s integrity has been harmed as a result of this change, as the information it contains is inaccurate, and the report’s impact on a company’s share price, a merger, or a takeover could be influenced. As a result of altered information, investors may experience possible losses, which may result in job losses to offset the loss of profit.

Availability guarantees that information can be used, ensuring that a website where doctors can access medical records about their patients does not go down, leaving doctors without critical information.

Malicious parties utilise common distributed denial of service (DDoS) attacks to take down services like websites, preventing legitimate users from accessing them. The DDoS attack causes the website’s support systems, such as web servers and load balancers, to become overloaded, lowering and, in some circumstances, crippling access.

The idea of least privilege is vital for ensuring that a user’s privileges on a system are appropriate for the job they are performing. As a result, a regular user who only has to log in and use Microsoft Word, Microsoft Excel, and check their email does not require administrator capabilities. To execute their job, they only require basic privileges.

The separation of duties principle tries to spread privileges across a group of people so that no one person holds a combination of privileges that is deemed to be too powerful. As a result, when software is built, tested, and deployed, no single individual has the authority to build, test, and release the software into a “real-world” environment such as production.

Instead, the various stages of the release cycle are divided into separate jobs with varying levels of privileges to ensure that not only the concept of least privilege is followed, but that no single person can perform everything from application development through testing and release.

Final thoughts

Working in cyber security is something I find highly interesting and never boring. My day-to-day job tasks are really fulfilling, particularly when they entail interacting with other employees, meeting suppliers, reviewing new cyber security tools, and examining methods to improve cyber security risk postures across my employer’s firm.

Because I haven’t been actively involved in demanding activities, such as incident management, I don’t find the roles I’ve held stressful. I try to stick to a 9 to 5 pattern, and once I do, my obligations are much easier to manage, and I’m not overwhelmed by work tasks because I’ve gotten very good at managing my work schedules.

I have ordinary IQ, but it hasn’t stopped me from working in cyber security. I’ve mastered the major principles of cyber security and have been successful in implementing these ideas wherever I’ve worked.

Most cyber security occupations do not require any coding skills; however, some jobs, particularly those involving ethical hacking, engineering, or analysis, may require some programming knowledge. However, coding and programming abilities are not required for the work I do, nor for the work that most people in cyber security undertake.

Overall, cyber security is a job that is not only financially rewarding but can also be a very intriguing one to be a part of. I enjoy the work I do, and the social connection with the people I encounter is a huge plus for me. I strongly advise anyone considering a new career or a career shift to read it.

Source: https://cybersguards.com/is-cybersecurity-boring/

Mozilla Completely Removed Support for the File Transfer Protocol From the Firefox

The File Transfer Protocol (FTP) has been completely removed from Mozilla’s latest release of its flagship Firefox web browser.

FTP, which is based on a client-server approach and has been around for about five decades, provides for the simple transmission of files and directories between computers. The protocol, however, has long been regarded as insecure because data is transferred without encryption. There are secure alternatives, such as FTP over SSL/TLS (FTPS) and the SSH File Transfer Protocol (SFTP).

FTP has been supported by all major browsers almost since the beginning; however, security concerns have led to declining adoption and deprecation in favour of more secure alternatives.

In addition, FTP has been utilised in a variety of malware distribution schemes, with some involving the penetration of FTP servers in order to use the protocol for payload delivery.

“In keeping with our goal of deprecating non-secure HTTP and increasing the number of secure connections, we, along with other major online browsers, have decided to stop supporting the FTP protocol,” Mozilla said.

In March 2020, the open-source group revealed plans to remove FTP support in Firefox, a few months after Google deprecated the protocol in Chrome, and to disable it by default in Firefox 88. Starting with Firefox 90, the protocol is no longer supported.

“Removing FTP moves us closer to a truly secure web that is moving toward HTTPS only, and any modern automated upgrading techniques like HSTS or Firefox’s HTTPS-Only Mode, which automatically upgrade any connection to become safe and encrypted do not apply to FTP,” Mozilla stated.

Mozilla assures that Firefox users are secure from any form of attack that uses the protocol for virus delivery by fully deleting FTP capability from the browser.


Source: https://cybersguards.com/mozilla-completely-removed-support-for-the-file-transfer-protocol-from-the-firefox/

Why Businesses Switch to a Different Cloud Storage Provider?

Cloud storage is a cloud computing service that stores data online through a cloud computing provider. The cloud computing provider manages and runs data storage as a service. It is delivered as-needed with minimal storage costs and capacity. This eliminates the need to purchase and manage your own data storage infrastructure. You get global scale, durability, and agility with data access “anytime, anyplace”.

There are lots of businesses these days that are heavily reliant on digital technology, and they invest in a lot of different tech services. Because of their reliance on technology, businesses have to make the right choices, but at the same time they also have to take finances and budget into consideration. When it comes to something like cloud storage solutions, there are many business owners and managers who find that they are paying too much and that the service they receive is not up to scratch.

Fortunately, when it comes to this type of service, businesses these days are able to turn to cloud-to-cloud migration processes. This makes it very easy for businesses to switch to a different cloud storage provider, which in turn can help them to enjoy a range of benefits. When you are with the wrong provider, it can cause all sorts of issues that can have a huge negative impact on your business. In this article, we will look at why some businesses decide to switch to a different cloud storage provider.

Some of the Key Reasons

There are a few key reasons why businesses decide to switch to a different cloud storage provider. Some of the most common ones are:

They Are Being Charged Too Much

One of the key reasons why businesses decide to switch to a different cloud services provider is that they are being charged too much by their current provider. They may be getting charged more than they can afford, or they may be able to afford the cost but are not getting much for their money. Either way, many are looking for better deals on their cloud services, and this is why they decide it is time to switch.

Service Levels Are Poor

Another reason why businesses may decide to switch to a different provider for their cloud services is because the service levels they are receiving from the current provider are very poor. When businesses are reliant on this type of service, they need to be able to get problems and issues resolved with speed and efficiency. If they are not getting this service from their provider, many will switch to one that is known for higher service levels.

Too Much Downtime

One of the other common reasons why businesses often decide to make the switch is due to too much downtime with their current providers. As a business, the last thing you need is cloud services that are hardly ever accessible because of the regular downtime. So, many will switch to a provider with an excellent uptime record and guarantee, as this can have a huge positive impact on their business and eliminates the stress and worry of the servers being down all the time.

These are some of the common reasons why businesses decide to switch to a different provider. The fact that it has become far easier to do this these days is an added bonus.


Source: https://cybersguards.com/why-businesses-switch-to-a-different-cloud-storage-provider/

Setting up Secure Payroll

Payroll is one of the most sensitive business functions in any company. Payroll fraud and security breaches are distressingly familiar tales in the modern business environment. Interestingly, the adoption of electronic solutions has only changed the way fraud is perpetrated instead of reducing its occurrence.

In 2019, the Federal Bureau of Investigation reported that payroll diversion schemes via email compromise and other sophisticated attacks cost businesses $8.3 million per year.

This data suggests that while electronic solutions offer a handy solution, a lot of payroll security and fraud prevention comes down to employer processes. After all, sophisticated tools are only as good as the people operating them. Here are 5 ways to shore up your payroll processes to ensure maximum security.

Move to the Cloud

Traditionally, organizations have favored keeping data and infrastructure in-house due to privacy concerns. However, to support this decision, companies need to invest significant resources into maintaining and securing their assets. These days, leveraging third party expertise is a much better way to ensure you receive best of breed service.

Cloud-based payroll vendors provide a level of security that on-premises solutions can’t match. And by moving to the cloud, you can scale your payroll solution better as well. For instance, if you expand into a different country or rapidly add branches to your organization, a cloud solution will automatically scale with you for low marginal cost. It is these two advantages of security and scalability that the new breed of venture capital backed global payroll vendors such as Papaya Global are offering. Add to this the greater reliability that cloud solutions provide, and it’s clear to see that leveraging third party expertise to manage your payroll infrastructure is a no-brainer.

Integrate Payroll into Security Measures

Integrating payroll into common security measures is a good way to reduce payroll fraud.

Create strict procedures and controls around who has access to sensitive data and prioritize access based on risk. For instance, most organizations automatically award access based on seniority, but this only increases the number of unused login IDs in your payroll system. After all, the CEO isn’t going to log in every day to check the nitty-gritty of payroll.

The result is an ID that can be used by malicious actors to perpetrate fraud. Aside from electronic measures, encouraging your employees to sign up for direct deposits and engaging an automated clearinghouse (ACH) will prevent check fraud and business bank account misuse.

Integrating cybersecurity as a central tenet of your organization’s culture is also a great way to increase payroll security. Instead of treating it as an appendage, making it a central business function communicates that payroll is every employee’s responsibility.

Install Updates and Patches Regularly

Security is a fast-changing field these days thanks to penetration attack methods becoming ever more sophisticated. A good payroll solutions provider will offer updates constantly and keep you abreast of industry best practices. Make sure you patch your software regularly so that there are no vulnerabilities.

Aside from updating software, it’s wise to adopt common-sense security tactics. Have your payroll employees update their passwords regularly. Note that frequent updating of passwords can be a double-edged sword. Your employees might run out of creativity and end up choosing weaker passwords.

To mitigate this risk, issue password creation guidelines or even consider ditching passwords for new solutions like FIDO protocols. These new solutions offer two-step authentication without the need for a password. The result is less reliance on a potentially outdated password and a more secure payroll system.

Separate Duties

A common issue in payroll departments is that one employee executes a significant amount of work. In the name of cost savings, departments might become understaffed, and this increases the risk of compromise. The more duties a single person handles, the greater your organization’s risk of falling apart if something happens to that employee.

Installing a separation of duties protocol, something that I.T. routinely works with, is wise. In this model, all critical tasks are equally divided between employees. People are less likely to steal or manipulate sensitive information if they know that someone else will be reviewing their work through a simple chain of command.

An example of this structure would be to have 3 employees dealing separately with timecards, running payroll, and issuing checks. This way, no single employee has access to the entire system, and you process payroll efficiently. Because one person’s output provides the input for the next step, all their work can be verified by one another, and the possibility of fraud decreases.

Constant Improvement

Security is a moving target these days, and you should always stay up to date with the latest best practices. Payroll is an important business function, so never neglect the importance of securing it. Follow these 4 tips, and you’ll not only process payroll efficiently, but you’ll also create a safer environment for your employees.



Source: https://cybersguards.com/setting-up-secure-payroll/


Threat Actors are Abusing Argo Workflows to Target Kubernetes


According to a warning from security vendor Intezer, threat actors are leveraging Argo Workflows to target Kubernetes deployments and deploy crypto-miners.

The Intezer team discovered a number of unprotected instances run by companies in the IT, finance, and logistics industries that allowed anyone to deploy workflows. Malicious actors have used the nodes to deploy crypto-miners in some circumstances.

Argo Workflows is an open-source, Kubernetes-based workflow engine that allows customers to perform parallel operations from a single interface, minimising deployment complexity and reducing the risk of failures.

Argo works using YAML files to define the type of work to be done, with workflows being run either from a template or directly from the Argo console.

Threat actors might access an open Argo dashboard and deploy their workflow on the misconfigured servers, according to Intezer. The adversary used kannix/monero-miner, a known crypto-currency mining container that has been removed from Docker Hub, in one of the reported attacks.

The container uses XMRig to mine Monero, and it can be repurposed simply by changing the address of the crypto-wallet where the mined coins should be deposited, which is why threat actors are abusing it for crypto-jacking.

To see whether their instances have been correctly configured, users can try to access the Argo Workflows dashboard from outside the corporate network, using an incognito browser and without authenticating.

“Another alternative is to query your instance’s API and look at the status code. Request information from [your.instance:port]/api/v1/info using HTTP GET. For an unauthenticated user, a returned HTTP status code of ‘401 Unauthorized’ indicates a correctly configured instance, whereas a successful status code of ‘200 Success’ could indicate that an unauthorised user is able to access the instance,” according to Intezer.
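The status-code check Intezer describes can be scripted against instances you operate. The following is an added example, not code from Intezer or the Argo project; the function names and the "review" and "unreachable" verdicts are assumptions made here, and the host in the comment is a placeholder.

```python
import sys
import urllib.error
import urllib.request


def http_status(url, timeout=5):
    """Send a GET with no credentials; return the status code, or None if unreachable."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        # urllib raises on 4xx/5xx, so the expected 401 arrives here.
        return err.code
    except (urllib.error.URLError, OSError):
        return None


def check_argo_exposure(base_url, fetch=http_status):
    """Classify one Argo Workflows instance by its unauthenticated /api/v1/info response."""
    url = base_url.rstrip("/") + "/api/v1/info"
    status = fetch(url)
    if status == 401:
        verdict = "ok"           # authentication is enforced
    elif status == 200:
        verdict = "exposed"      # the API answered an unauthenticated caller
    elif status is None:
        verdict = "unreachable"  # no answer from this vantage point
    else:
        verdict = "review"       # e.g. 403 or a proxy error: check by hand
    return {"url": url, "status": status, "verdict": verdict}


if __name__ == "__main__":
    # Usage: python check_argo.py https://argo.example.internal:2746 (placeholder host)
    for base in sys.argv[1:]:
        result = check_argo_exposure(base)
        print(f"{result['verdict']:12} {result['status']} {result['url']}")
```

Run it from outside the corporate network, matching the vantage point of the dashboard test above, since an internal probe can pass through controls that an external caller would hit.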

Users should also check their Argo instances for any strange behaviour and make sure that no workflows have been running for an extended period of time, since this could suggest the deployment of a crypto-miner in the cluster.
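One way to run the long-running-workflow review described above, as an added example that is not from the original article. It assumes the workflow list has been exported as JSON (for instance with `kubectl get workflows -A -o json`) and that each item carries the Workflow resource's `status.phase` and `status.startedAt` fields; the six-hour threshold and all sample data are constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

# Constructed sample in the shape of a Workflow list; names and images are placeholders.
SAMPLE = {"items": [
    {"metadata": {"namespace": "argo", "name": "nightly-etl-x7k2p"},
     "spec": {"templates": [{"name": "main",
                             "container": {"image": "registry.example.internal/etl:1.4"}}]},
     "status": {"phase": "Succeeded", "startedAt": "2021-07-26T01:00:00Z"}},
    {"metadata": {"namespace": "argo", "name": "unknown-job-q9d4s"},
     "spec": {"templates": [{"name": "main",
                             "container": {"image": "example.invalid/unreviewed:latest"}}]},
     "status": {"phase": "Running", "startedAt": "2021-07-20T08:00:00Z"}},
    {"metadata": {"namespace": "ci", "name": "build-42-abcde"},
     "spec": {"templates": [{"name": "main",
                             "container": {"image": "registry.example.internal/builder:7"}}]},
     "status": {"phase": "Running", "startedAt": "2021-07-26T11:30:00Z"}},
]}


def parse_ts(value):
    """Parse a Kubernetes-style UTC timestamp such as 2021-07-20T08:00:00Z."""
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def long_running(workflow_list, now, max_age=timedelta(hours=6)):
    """Return Running workflows older than max_age, oldest first, with their images."""
    flagged = []
    for wf in workflow_list.get("items", []):
        status = wf.get("status", {})
        if status.get("phase") != "Running" or not status.get("startedAt"):
            continue  # finished, failed or not yet started
        age = now - parse_ts(status["startedAt"])
        if age <= max_age:
            continue
        templates = wf.get("spec", {}).get("templates", [])
        images = sorted({t["container"]["image"] for t in templates
                         if "image" in t.get("container", {})})
        meta = wf["metadata"]
        flagged.append({"workflow": f"{meta['namespace']}/{meta['name']}",
                        "hours": age.total_seconds() / 3600,
                        "images": images})
    return sorted(flagged, key=lambda f: f["hours"], reverse=True)


if __name__ == "__main__":
    for hit in long_running(SAMPLE, now=datetime(2021, 7, 26, 12, 0, tzinfo=timezone.utc)):
        print(f"{hit['hours']:8.1f}h  {hit['workflow']}  {', '.join(hit['images'])}")
```

Listing the container images beside each hit lets a reviewer compare them with the images the team actually deploys.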



Source: https://cybersguards.com/threat-actors-are-abusing-argo-workflows-to-target-kubernetes/
